Cisco 1921 Multicast

jmmgrodrigues · ‎09-27-2018

Hi!

I want to pass muticast traffic from WAN to VLAN interface but it's not working. I'm sure that is missing something but I'm not seeing what. I appreciate your help. Thanks!

Router#sh ip int bri

Interface IP-Address OK? Method Status Protocol

Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down

GigabitEthernet0/0 192.168.1.15 YES NVRAM up up

GigabitEthernet0/1 unassigned YES NVRAM administratively down down

GigabitEthernet0/0/0 unassigned YES unset up up

GigabitEthernet0/0/1 unassigned YES unset administratively down down

GigabitEthernet0/0/2 unassigned YES unset up up

GigabitEthernet0/0/3 unassigned YES unset up up

NVI0 192.168.1.15 YES unset up up

Tunnel0 192.168.1.15 YES unset up up

Vlan1 unassigned YES unset administratively down down

Vlan10 10.0.10.30 YES NVRAM up up

Vlan20 10.0.20.2 YES NVRAM up up

Vlan30 10.0.30.14 YES NVRAM up up

Vlan105 10.0.105.6 YES NVRAM up up

Router#sh run

Building configuration...

Current configuration : 4702 bytes

!

! Last configuration change at 22:03:12 GMT Tue Sep 25 2018 by someone

!

version 15.5

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

no aaa new-model

ethernet lmi ce

clock timezone GMT 0 0

clock summer-time GMT recurring

!

ip dhcp excluded-address 10.0.10.1

ip dhcp excluded-address 10.0.10.25 10.0.10.30

ip dhcp excluded-address 10.0.20.2

ip dhcp excluded-address 10.0.30.2

ip dhcp excluded-address 10.0.30.11 10.0.30.14

ip dhcp excluded-address 10.0.105.2 10.0.105.6

!

ip dhcp pool 10

network 10.0.10.0 255.255.255.224

default-router 10.0.10.30

dns-server 1.1.1.1 1.0.0.1

!

ip dhcp pool 20

network 10.0.20.0 255.255.255.252

default-router 10.0.20.2

dns-server 1.1.1.1 1.0.0.1

!

ip dhcp pool 30

network 10.0.30.0 255.255.255.240

default-router 10.0.30.14

dns-server 1.1.1.1 1.0.0.1

!

ip dhcp pool IPTV

network 10.0.105.0 255.255.255.248

default-router 10.0.105.6

dns-server 192.168.1.254

!

ip name-server 192.168.1.254

ip multicast-routing

ip inspect log drop-pkt

ip inspect audit-trail

ip inspect name Default http

ip inspect name Default https

ip inspect name Default ftp

ip inspect name Default ftps

ip inspect name Default tftp

ip inspect name Default pop3

ip inspect name Default pop3s

ip inspect name Default imap

ip inspect name Default imaps

ip inspect name Default tcp

ip inspect name Default udp

ip inspect name Default icmp

ip inspect name Default dns

ip inspect name Default telnet

ip cef

no ipv6 cef

!

parameter-map type inspect global

log dropped-packets enable

max-incomplete low 18000

max-incomplete high 20000

multilink bundle-name authenticated

!

license udi pid CISCO1921/K9 sn XXXXXXXXXX

!

username xxxxx privilege 15 password 7 xxxxx

!

redundancy

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description *** WAN ***

ip address 192.168.1.15 255.255.255.0

ip access-group Default in

ip nat outside

ip inspect Default out

ip virtual-reassembly in

duplex auto

speed auto

!

interface GigabitEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface GigabitEthernet0/0/0

description *** Switch ***

switchport trunk allowed vlan 1,10,105,1002-1005

switchport mode trunk

no ip address

!

interface GigabitEthernet0/0/1

no ip address

shutdown

!

interface GigabitEthernet0/0/2

description *** AP 2 ***

switchport trunk native vlan 30

switchport trunk allowed vlan 1,30,1002-1005

switchport mode trunk

no ip address

speed 100

!

interface GigabitEthernet0/0/3

description *** AP 1 ***

switchport trunk native vlan 10

switchport trunk allowed vlan 1,10,20,1002-1005

switchport mode trunk

no ip address

!

interface Vlan1

no ip address

shutdown

!

interface Vlan10

ip address 10.0.10.30 255.255.255.224

ip nat inside

ip virtual-reassembly in

!

interface Vlan20

ip address 10.0.20.2 255.255.255.252

ip nat inside

ip virtual-reassembly in

!

interface Vlan30

ip address 10.0.30.14 255.255.255.240

ip nat inside

ip virtual-reassembly in

!

interface Vlan105

ip address 10.0.105.6 255.255.255.248

ip pim sparse-mode

ip nat inside

ip virtual-reassembly in

ip igmp join-group 224.0.1.40

ip igmp version 3

!

ip forward-protocol nd

!

no ip http server

no ip http secure-server

!

ip pim rp-address 192.168.1.254

!

ip nat inside source list 10 interface GigabitEthernet0/0 overload

ip nat inside source list 20 interface GigabitEthernet0/0 overload

ip nat inside source list 30 interface GigabitEthernet0/0 overload

ip nat inside source list 40 interface GigabitEthernet0/0 overload

ip route 0.0.0.0 0.0.0.0 192.168.1.254

!

access-list 10 permit 10.0.10.0 0.0.0.31

access-list 20 permit 10.0.20.0 0.0.0.3

access-list 30 permit 10.0.30.0 0.0.0.15

access-list 40 permit 10.0.105.0 0.0.0.7

!

control-plane

!

vstack

!

line con 0

exec-timeout 15 0

login local

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

exec-timeout 15 0

login local

transport input telnet

!

scheduler allocate 20000 1000

ntp source Vlan10

ntp server pt.pool.ntp.org prefer

ntp server europe.pool.ntp.org

!

end

Router#sh ip igmp snooping groups

Vlan Group Version Port List

---------------------------------------------------------

105 239.195.7.2 v3 Gi0/0/0

105 239.196.1.35 v3 Gi0/0/0

105 239.255.255.250 v3 Gi0/0/0

Router#sh ip igmp snooping mrouter

Vlan ports

---- -----

105

Heeeeelp!!!

johnd2310 · ‎09-27-2018

Hi,

When you enable multicast, you need to ensure you have pim configured along the whole path. In you config you have pim configured on vlan 105 only, you need pim on all participating interfaces. If multicast is coming from the WAN, then configure pim-sparse on Gi0/0

Thanks

John

**Please rate posts you find helpful**

jmmgrodrigues · ‎09-28-2018

Hi John,

I've already done that. Used ip pim sparse-mode in WAN and VLAN with rp-address at general config and ip pim dense-mode on both interfaces without rp-address. But the image still stops. The output I have is:

Router#sh ip igmp groups

IGMP Connected Group Membership

Group Address Interface Uptime Expires Last Reporter Group Accounted

239.195.1.109 Vlan105 00:00:36 00:02:44 10.0.105.1

239.255.255.250 Vlan105 00:03:14 00:02:52 10.0.105.1

239.255.255.250 GigabitEthernet0/0 00:44:48 00:02:56 192.168.1.253

239.195.7.2 Vlan105 00:03:14 00:02:46 10.0.105.1

224.0.1.40 Vlan105 00:44:06 00:02:44 10.0.105.6

Router#sh ip igmp inter

GigabitEthernet0/0 is up, line protocol is up

Internet address is 192.168.1.15/24

IGMP is enabled on interface

Current IGMP host version is 3

Current IGMP router version is 3

IGMP query interval is 60 seconds

IGMP configured query interval is 60 seconds

IGMP querier timeout is 120 seconds

IGMP configured querier timeout is 120 seconds

IGMP max query response time is 10 seconds

Last member query count is 2

Last member query response interval is 1000 ms

Inbound IGMP access group is not set

IGMP activity: 4 joins, 3 leaves

Multicast routing is enabled on interface

Multicast TTL threshold is 0

Multicast designated router (DR) is 192.168.1.15 (this system)

IGMP querying router is 192.168.1.15 (this system)

No multicast groups joined by this system

Vlan105 is up, line protocol is up

Internet address is 10.0.105.6/29

IGMP is enabled on interface

Current IGMP host version is 3

Current IGMP router version is 3

IGMP query interval is 60 seconds

IGMP configured query interval is 60 seconds

IGMP querier timeout is 120 seconds

IGMP configured querier timeout is 120 seconds

IGMP max query response time is 10 seconds

Last member query count is 2

Last member query response interval is 1000 ms

Inbound IGMP access group is not set

IGMP activity: 7 joins, 3 leaves

Multicast routing is enabled on interface

Multicast TTL threshold is 0

Multicast designated router (DR) is 10.0.105.6 (this system)

IGMP querying router is 10.0.105.6 (this system)

Multicast groups joined by this system (number of users):

224.0.1.40(1)

Thanks!

Georg Pauwen · ‎09-28-2018

Hello,

I mightb be missing something, but where is your access list DEFAULT ? I don't see it in your configuration...

ip access-group Default in

jmmgrodrigues · ‎09-28-2018

Hi John!

It's at WAN interface Gi0/0. It must be at VLAN interface too? Thanks!

Richard Burts · ‎09-28-2018

I do not think that Georg was asking about where in terms of which interface but was asking where in terms of what part of the config has the content of the access list (we need to see what is permitted and what is denied and we do not see any of that).

HTH

Rick

HTH

Rick

johnd2310 · ‎09-28-2018

Hi,

Can you give us more details on your environment. Where is the multicast source, receiver and RP. If the source is on the WAN and the receiver on vlan 105, then you need the following interfaces configured for pim

interface Vlan105

ip pim sparse-mode

interface GigabitEthernet0/0

ip pim sparse-mode

I am not sure why you have "ip igmp version 3" and "igmp join-group 224.0.1.40". Do your applications really need igmp v3 support? I would remove them.

You also need your RP:

ip pim rp-address 192.168.1.254

I am guessing the RP is on the WAN and therefore the WAN needs to have pim sparse-mode enabled all the way to the source.

You need to check that pim is working. Run "show ip pim neighbor". You should see pim neighbours. If not check the access lists on the Interface and configuration other router.

Run "show ip mroute". Verify required addresses are in routing table

post output of your show commands

Thanks

John

**Please rate posts you find helpful**

paul driver · ‎09-29-2018

Hello

It looks like your Mc configuration is inaccurate?
You have applied an igmp join group on vlan 105 that isn't applicable, basically stating this SVI interface to send query's towards the mc source However for that address you've specified is the mc rp discovery address itself and not a mc group!

You also have a static default route and unicast rp pim-address specified towards 192.168.1.254 but i don't see interface gigi0/0 pim enabled

Static pim requires full reachability to the defined RP address for the mc groups and a pim mapping on every routed device between source and receiver.

So you wish for vlan105 users to receive mc traffic you could try enabling pim on your wan interface towards the RP, removing the igmp join group from vlan 105 and possibly apply igmp snooping for that vlan on your switches.

rtr
int gig0/0
ip pim sparse-mode
exit

int vlan 105
no ip igmp join-group 224.0.1.40
exit

ip pim autorp-listener

Switches:
ip igmp snooping
ip igmp snooping vlan 105

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul